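<?php
/*
 * Add-site form handler.
 *
 * Validates a submitted listing (type, URL, title, coins, CPC), rejects
 * duplicates, stores the listing in the table that belongs to the chosen type
 * and deducts the spent coins from the logged-in user's balance.
 *
 * $db, $data, $is_online and redirect() are not defined in this file; they are
 * presumably provided by header.php.
 *
 * Outputs for the template that follows:
 *   $mesaj - HTML feedback block (empty when nothing was submitted)
 *   $error - 1 by default, 0 once a listing has been stored
 *
 * NOTE(review): no anti-CSRF token is checked here although the request spends
 * coins. Confirm header.php enforces one, otherwise add a per-session token.
 */
include('header.php');
if(!$is_online){
	redirect('index.php');
	exit;
}
$error = 1;
// The template echoes $mesaj on every request, so make sure it always exists.
if(!isset($mesaj)){
	$mesaj = '';
}

if(isset($_POST['submit'])){
	// Read each field defensively: a hand-crafted request can omit a field or
	// send an array instead of a string.
	$fields = array('url' => '', 'title' => '', 'cpc' => '', 'coins' => '', 'type' => '');
	foreach($fields as $key => $default){
		if(isset($_POST[$key]) && is_string($_POST[$key])){
			$fields[$key] = $_POST[$key];
		}
	}

	$url = $db->EscapeString($fields['url']);
	$title = $db->EscapeString($fields['title']);
	$type = $fields['type'];
	$maxcpc = ($data['premium'] > 0 ? 10 : 5);

	// Coins and CPC must be plain whole numbers. is_numeric() also accepts
	// values such as "-0.5" or "1e3"; a negative fraction passed the old checks
	// and `coins`-'-0.5' would have increased the balance. Anything that is
	// not a short run of digits becomes 0 and is rejected below. Casting to
	// int also makes the unquoted points value in the INSERT safe.
	$coinsRaw = trim($fields['coins']);
	$cpcRaw = trim($fields['cpc']);
	$coins = preg_match('/^[0-9]{1,9}$/D', $coinsRaw) ? (int)$coinsRaw : 0;
	$cpc = preg_match('/^[0-9]{1,2}$/D', $cpcRaw) ? (int)$cpcRaw : 0;

	// Allow-list of listing types. Table and column names come only from this
	// map, never from the request.
	//   owner    - value stored in the `user` column
	//   per_user - duplicate check limited to the current user's rows
	//   video    - stored value is the video id parsed from the URL
	// NOTE(review): "google" stores $data['login'] as owner while every other
	// type stores $data['id']; kept as found, confirm against the schema.
	$targets = array(
		'google'      => array('table' => 'sites',        'column' => 'site',     'owner' => $data['login'], 'per_user' => false, 'video' => false, 'duplicate' => 'Website already added!',         'success' => 'Website added successfully!'),
		'youtube'     => array('table' => 'youtube',      'column' => 'youtube',  'owner' => $data['id'],    'per_user' => true,  'video' => true,  'duplicate' => 'Video already added!',           'success' => 'Video added successfully!'),
		'ytlikes'     => array('table' => 'youtubelikes', 'column' => 'youtube',  'owner' => $data['id'],    'per_user' => true,  'video' => true,  'duplicate' => 'Video already added!',           'success' => 'Video added successfully!'),
		'linkedin'    => array('table' => 'linkedin',     'column' => 'site',     'owner' => $data['id'],    'per_user' => false, 'video' => false, 'duplicate' => 'Linkedin URL already added!',    'success' => 'Linkedin added successfully!'),
		'surf'        => array('table' => 'surf',         'column' => 'site',     'owner' => $data['id'],    'per_user' => true,  'video' => false, 'duplicate' => 'Website already added!',         'success' => ''),
		'facebook'    => array('table' => 'facebook',     'column' => 'facebook', 'owner' => $data['id'],    'per_user' => false, 'video' => false, 'duplicate' => 'Page already added!',            'success' => 'Page added successfully!'),
		'tweet'       => array('table' => 'tweet',        'column' => 'site',     'owner' => $data['id'],    'per_user' => false, 'video' => false, 'duplicate' => 'Tweet already added!',           'success' => 'Tweet added successfully!'),
		'stumbleupon' => array('table' => 'stumbleupon',  'column' => 'site',     'owner' => $data['id'],    'per_user' => false, 'video' => false, 'duplicate' => 'Stumbleupon URL already added!', 'success' => 'Stumbleupon added successfully!'),
	);

	if($title == ""){
		$mesaj = '<div class="msg"><div class="error">Add your page title!</div></div>';
	// NOTE(review): the "." after the character class is unescaped, so it matches
	// any character and the host part is checked only loosely. Pattern kept
	// unchanged so that URLs accepted today stay accepted.
	}elseif(!preg_match("%^(https?://)([a-z0-9-].?)+(:[0-9]+)?(/.*)?$%i", $url)){
		$mesaj = '<div class="msg"><div class="error">Please enter an valid URL</div></div>';
	}elseif($coins < 1){
		$mesaj = '<div class="msg"><div class="error">You have to add at least 1 coin!</div></div>';
	}elseif($coins > $data['coins']){
		$mesaj = '<div class="msg"><div class="error">You don\'t have enough coins!</div></div>';
	// The old test used "&&" (cpc < 1 AND cpc > max), which can never be true,
	// so any CPC, including one above the premium limit, was accepted.
	}elseif($cpc < 1 || $cpc > $maxcpc){
		$mesaj = '<div class="msg"><div class="error">CPC incorrect!</div></div>';
	}elseif(isset($targets[$type])){
		$target = $targets[$type];

		// Value stored in the type-specific column: the URL itself, or for the
		// video types the text after the first "=" up to the next "&".
		$value = $url;
		if($target['video']){
			$parts = explode('=', $url);
			// A URL without "=" has no second segment; treat it as empty.
			$value = isset($parts[1]) ? $parts[1] : '';
			if(preg_match("/\b&\b/i", $value)){
				$pieces = explode('&', $value);
				$value = $pieces[0];
			}
		}

		if($target['video'] && $value == ""){
			$mesaj = '<div class="msg"><div class="error">Please enter a valid Youtube link!</div></div>';
		}else{
			// NOTE(review): these statements are still assembled by string
			// concatenation and rely on $db->EscapeString() for $url/$title;
			// $data['id'] and $data['login'] are interpolated as loaded by
			// header.php. Move to prepared statements if the $db wrapper
			// offers them.
			$where = "`".$target['column']."`='".$value."'";
			if($target['per_user']){
				$where .= " AND `user`='".$data['id']."'";
			}
			$sql = $db->Query("SELECT * FROM `".$target['table']."` WHERE ".$where);

			if($db->GetNumRows($sql) > 0){
				$mesaj = '<div class="msg"><div class="error">'.$target['duplicate'].'</div></div>';
			}else{
				$columns = "user, ".$target['column'].", title, points, cpc";
				$values = "'".$target['owner']."', '".$value."', '".$title."', ".$coins.", '".$cpc."'";
				if($type == 'surf'){
					$columns .= ", confirm";
					$values .= ", '1'";
				}
				$db->Query("INSERT INTO `".$target['table']."` (".$columns.") VALUES(".$values.") ");

				// NOTE(review): the balance check above and this deduction are
				// separate statements, so two parallel requests can both pass
				// the check. Wrap check, insert and deduction in a transaction
				// or make the deduction conditional on the remaining balance.
				$db->Query("UPDATE `users` SET `coins`=`coins`-'".$coins."' WHERE `id`='".$data['id']."'");

				if($type == 'surf'){
					// Traffic-exchange listings continue on their own page.
					$sid = $db->FetchArray($db->Query("SELECT `id` FROM `surf` WHERE `site`='".$url."' AND `user`='".$data['id']."'"));
					redirect('c_surf.php?id='.$sid['id']);
				}else{
					$mesaj = '<div class="msg"><div class="success">'.$target['success'].'</div></div>';
				}
				$error = 0;
			}
		}
	}
	// An unknown type falls through without any action, as before.
}?>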
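<?php
// Add-site form template. Posts back to this page (no action attribute).
// Full "<?php" tags are used throughout: the short "<?" form only works with
// short_open_tag enabled, and with it disabled the PHP source would be sent to
// the browser and the premium CPC options shown to every user.
// NOTE(review): the form carries no anti-CSRF token; add a hidden per-session
// token field unless the included header already injects one.
?>
<div class="block medium right">
			<div class="top">		
					<h1>Add Site</h1> 
            </div>
			<div class="content"><?php /* $mesaj is only set after a submit */ echo isset($mesaj) ? $mesaj : ''; ?>
<form method="post">
<fieldset>
	<p>
		<label>Type</label> <br/>
        <select class="styled" name="type">
		    <option value="facebook">Facebook</option>
			<option value="google">Google +1</option>
			<option value="surf">Traffic exchange</option>
			<option value="youtube">Youtube Video</option>
			<option value="tweet">Twitter Tweet</option>
			<option value="stumbleupon">Stumbleupon Followers</option>
			<option value="linkedin">Linkedin Shares</option>
			<option value="ytlikes">Youtube Likes</option>
		</select>
	</p>
    <p>
		<label>Link</label> <small class="above">Add your url here</small><br/>
		<input class="text big" type="text" value="http://" name="url" />
	</p>
	<p>
		<label>Title</label> <small class="above">Add your site title here</small><br/>
		<input class="text big" type="text" value="" name="title" maxlength="30" />
	</p>
	<p>
		<label>Coins</label> <small class="above">Add some coins</small><br/>
		<input class="text big" type="text" value="5" name="coins" maxlength="5" />
	</p>
	<p>
		<label>CPC*</label> <br/>
        <select class="styled" name="cpc">
		    <option value="1">1 Coin</option>
			<option value="2">2 Coins</option>
			<option value="3">3 Coins</option>
			<option value="4">4 Coins</option>
			<option value="5">5 Coins</option><?php /* options 6-10 are rendered for premium accounts only */ if($data['premium'] > 0){ ?>
			<option value="6">6 Coins</option>
			<option value="7">7 Coins</option>
			<option value="8">8 Coins</option>
			<option value="9">9 Coins</option>
			<option value="10">10 Coins</option><?php } ?>
		</select>
	</p>
	<p><small><b>* Coins per Click.</b></small></p>	
    <p style="text-align: center; padding-top: 15px;">
		<input type="submit" class="gbutton" value="Add site" name="submit" />
	</p>
</fieldset>
</form>
				</div>
			</div>	
<?php
// Refresh the balance display. On success the subtraction yields a number, so
// no markup reaches innerHTML through that branch; otherwise $data['coins'] is
// emitted as loaded (presumably numeric, confirm where $data is populated).
?>
<script>
document.getElementById("currentpoints").innerHTML="<?=($error == 0 ? ($data['coins']-$_POST['coins']) : $data['coins'])?>";
</script>			
<?php include('footer.php'); ?>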